From c63afddaa06eb581ed24adedb86d3dca24ce8fdb Mon Sep 17 00:00:00 2001 From: "sas.fajri" Date: Sun, 31 May 2026 14:20:23 +0700 Subject: [PATCH] FHM31052601IBL - update trigger m_patient & m_patientaddress pakai _enc di log JSON Ganti field PII plaintext (Name, HP, Email, DOB, NIK, IDNumber, dll) dengan field _enc di JSON log_patient. Trigger m_patient_bu tetap UPPER-kan M_PatientName untuk backward compat. Co-Authored-By: Claude Sonnet 4.6 --- .../2026-05-31-pdp-update-triggers-enc.sql | 339 ++++++++++++++++++ 1 file changed, 339 insertions(+) create mode 100644 sql/manual_changes/2026-05-31-pdp-update-triggers-enc.sql diff --git a/sql/manual_changes/2026-05-31-pdp-update-triggers-enc.sql b/sql/manual_changes/2026-05-31-pdp-update-triggers-enc.sql new file mode 100644 index 00000000..a0e2ba14 --- /dev/null +++ b/sql/manual_changes/2026-05-31-pdp-update-triggers-enc.sql @@ -0,0 +1,339 @@ +-- UU PDP: update trigger m_patient dan m_patientaddress +-- Ganti field plaintext PII di log JSON dengan field _enc +-- Field non-PII (ID, status, timestamp) tetap plaintext di log + +-- ============================================================ +-- Drop trigger lama +-- ============================================================ +DROP TRIGGER IF EXISTS one_lab.vm_patient_ai; +DROP TRIGGER IF EXISTS one_lab.vm_patient_bu; +DROP TRIGGER IF EXISTS one_lab.m_patientaddress_ai; +DROP TRIGGER IF EXISTS one_lab.m_patientaddress_bu; + +-- ============================================================ +-- vm_patient_ai: AFTER INSERT m_patient +-- ============================================================ +DELIMITER // +CREATE DEFINER=`root`@`localhost` TRIGGER `vm_patient_ai` +AFTER INSERT ON `m_patient` +FOR EACH ROW +BEGIN +INSERT INTO one_lab_log.log_patient ( + Log_PatientM_PatientID, + Log_PatientDate, + Log_PatientCode, + Log_PatientJsonAfter, + Log_PatientUserID +) +VALUES( + NEW.M_PatientID, + NOW(), + 'PATIENT.ADD', + JSON_OBJECT( + "M_PatientID", NEW.M_PatientID, + "M_PatientNoReg", NEW.M_PatientNoReg, + "M_PatientPrefix", NEW.M_PatientPrefix, + "M_PatientSuffix", NEW.M_PatientSuffix, + "M_PatientM_TitleID", NEW.M_PatientM_TitleID, + "M_PatientM_SexID", NEW.M_PatientM_SexID, + "M_PatientInitialVisit", NEW.M_PatientInitialVisit, + "M_PatientLastVisit", NEW.M_PatientLastVisit, + "M_PatientM_ReligionID", NEW.M_PatientM_ReligionID, + "M_PatientM_IdTypeID", NEW.M_PatientM_IdTypeID, + "M_PatientNote", NEW.M_PatientNote, + "M_PatientPhoto", NEW.M_PatientPhoto, + "M_PatientPhotoThumb", NEW.M_PatientPhotoThumb, + "M_PatientM_CompanyStaffPositionID", NEW.M_PatientM_CompanyStaffPositionID, + "M_PatientPhotoCounter", NEW.M_PatientPhotoCounter, + "M_PatientCreated", NEW.M_PatientCreated, + "M_PatientLastUpdated", NEW.M_PatientLastUpdated, + "M_PatientCreatedUserID", NEW.M_PatientCreatedUserID, + "M_PatientUserID", NEW.M_PatientUserID, + "M_PatientIsActive", NEW.M_PatientIsActive, + "M_PatientOldID", NEW.M_PatientOldID, + "M_PatientCitizenship", NEW.M_PatientCitizenship, + "M_PatientReligionCode", NEW.M_PatientReligionCode, + "M_PatientBloodTypeCode", NEW.M_PatientBloodTypeCode, + "M_PatientBloodRhCode", NEW.M_PatientBloodRhCode, + "M_PatientEducationCode", NEW.M_PatientEducationCode, + "M_PatientIdentifierCode", NEW.M_PatientIdentifierCode, + "M_PatientIdentifierSystem", NEW.M_PatientIdentifierSystem, + "M_PatientIdentifierValue", NEW.M_PatientIdentifierValue, + "M_PatientName_enc", NEW.M_PatientName_enc, + "M_PatientHP_enc", NEW.M_PatientHP_enc, + "M_PatientPhone_enc", NEW.M_PatientPhone_enc, + "M_PatientEmail_enc", NEW.M_PatientEmail_enc, + "M_PatientPOB_enc", NEW.M_PatientPOB_enc, + "M_PatientDOB_enc", NEW.M_PatientDOB_enc, + "M_PatientIDNumber_enc", NEW.M_PatientIDNumber_enc, + "M_PatientNIK_enc", NEW.M_PatientNIK_enc + ), + IFNULL(NEW.M_PatientCreatedUserID, 0) +); +END// +DELIMITER ; + +-- ============================================================ +-- vm_patient_bu: BEFORE UPDATE m_patient +-- Tetap UPPER-kan M_PatientName (backward compat) +-- ============================================================ +DELIMITER // +CREATE DEFINER=`root`@`localhost` TRIGGER `vm_patient_bu` +BEFORE UPDATE ON `m_patient` +FOR EACH ROW +BEGIN + DECLARE KODE VARCHAR(50); + SET KODE = 'PATIENT.EDIT'; + IF OLD.M_PatientIsActive = 'Y' AND NEW.M_PatientIsActive = 'N' THEN + SET KODE = 'PATIENT.DELETE'; + END IF; + SET NEW.M_PatientName = UPPER(NEW.M_PatientName); + + INSERT INTO one_lab_log.log_patient ( + Log_PatientM_PatientID, + Log_PatientDate, + Log_PatientCode, + Log_PatientJsonAfter, + Log_PatientJsonBefore, + Log_PatientUserID + ) + VALUES( + NEW.M_PatientID, + NOW(), + KODE, + JSON_OBJECT( + "M_PatientID", NEW.M_PatientID, + "M_PatientNoReg", NEW.M_PatientNoReg, + "M_PatientPrefix", NEW.M_PatientPrefix, + "M_PatientSuffix", NEW.M_PatientSuffix, + "M_PatientM_TitleID", NEW.M_PatientM_TitleID, + "M_PatientM_SexID", NEW.M_PatientM_SexID, + "M_PatientInitialVisit", NEW.M_PatientInitialVisit, + "M_PatientLastVisit", NEW.M_PatientLastVisit, + "M_PatientM_ReligionID", NEW.M_PatientM_ReligionID, + "M_PatientM_IdTypeID", NEW.M_PatientM_IdTypeID, + "M_PatientNote", NEW.M_PatientNote, + "M_PatientPhoto", NEW.M_PatientPhoto, + "M_PatientPhotoThumb", NEW.M_PatientPhotoThumb, + "M_PatientM_CompanyStaffPositionID", NEW.M_PatientM_CompanyStaffPositionID, + "M_PatientPhotoCounter", NEW.M_PatientPhotoCounter, + "M_PatientCreated", NEW.M_PatientCreated, + "M_PatientLastUpdated", NEW.M_PatientLastUpdated, + "M_PatientLastUpdatedUserID", NEW.M_PatientLastUpdatedUserID, + "M_PatientUserID", NEW.M_PatientUserID, + "M_PatientIsActive", NEW.M_PatientIsActive, + "M_PatientOldID", NEW.M_PatientOldID, + "M_PatientCitizenship", NEW.M_PatientCitizenship, + "M_PatientReligionCode", NEW.M_PatientReligionCode, + "M_PatientBloodTypeCode", NEW.M_PatientBloodTypeCode, + "M_PatientBloodRhCode", NEW.M_PatientBloodRhCode, + "M_PatientEducationCode", NEW.M_PatientEducationCode, + "M_PatientIdentifierCode", NEW.M_PatientIdentifierCode, + "M_PatientIdentifierSystem", NEW.M_PatientIdentifierSystem, + "M_PatientIdentifierValue", NEW.M_PatientIdentifierValue, + "M_PatientName_enc", NEW.M_PatientName_enc, + "M_PatientHP_enc", NEW.M_PatientHP_enc, + "M_PatientPhone_enc", NEW.M_PatientPhone_enc, + "M_PatientEmail_enc", NEW.M_PatientEmail_enc, + "M_PatientPOB_enc", NEW.M_PatientPOB_enc, + "M_PatientDOB_enc", NEW.M_PatientDOB_enc, + "M_PatientIDNumber_enc", NEW.M_PatientIDNumber_enc, + "M_PatientNIK_enc", NEW.M_PatientNIK_enc + ), + JSON_OBJECT( + "M_PatientID", OLD.M_PatientID, + "M_PatientNoReg", OLD.M_PatientNoReg, + "M_PatientPrefix", OLD.M_PatientPrefix, + "M_PatientSuffix", OLD.M_PatientSuffix, + "M_PatientM_TitleID", OLD.M_PatientM_TitleID, + "M_PatientM_SexID", OLD.M_PatientM_SexID, + "M_PatientInitialVisit", OLD.M_PatientInitialVisit, + "M_PatientLastVisit", OLD.M_PatientLastVisit, + "M_PatientM_ReligionID", OLD.M_PatientM_ReligionID, + "M_PatientM_IdTypeID", OLD.M_PatientM_IdTypeID, + "M_PatientNote", OLD.M_PatientNote, + "M_PatientPhoto", OLD.M_PatientPhoto, + "M_PatientPhotoThumb", OLD.M_PatientPhotoThumb, + "M_PatientM_CompanyStaffPositionID", OLD.M_PatientM_CompanyStaffPositionID, + "M_PatientPhotoCounter", OLD.M_PatientPhotoCounter, + "M_PatientCreated", OLD.M_PatientCreated, + "M_PatientLastUpdated", OLD.M_PatientLastUpdated, + "M_PatientLastUpdatedUserID", OLD.M_PatientLastUpdatedUserID, + "M_PatientUserID", OLD.M_PatientUserID, + "M_PatientIsActive", OLD.M_PatientIsActive, + "M_PatientOldID", OLD.M_PatientOldID, + "M_PatientCitizenship", OLD.M_PatientCitizenship, + "M_PatientReligionCode", OLD.M_PatientReligionCode, + "M_PatientBloodTypeCode", OLD.M_PatientBloodTypeCode, + "M_PatientBloodRhCode", OLD.M_PatientBloodRhCode, + "M_PatientEducationCode", OLD.M_PatientEducationCode, + "M_PatientIdentifierCode", OLD.M_PatientIdentifierCode, + "M_PatientIdentifierSystem", OLD.M_PatientIdentifierSystem, + "M_PatientIdentifierValue", OLD.M_PatientIdentifierValue, + "M_PatientName_enc", OLD.M_PatientName_enc, + "M_PatientHP_enc", OLD.M_PatientHP_enc, + "M_PatientPhone_enc", OLD.M_PatientPhone_enc, + "M_PatientEmail_enc", OLD.M_PatientEmail_enc, + "M_PatientPOB_enc", OLD.M_PatientPOB_enc, + "M_PatientDOB_enc", OLD.M_PatientDOB_enc, + "M_PatientIDNumber_enc", OLD.M_PatientIDNumber_enc, + "M_PatientNIK_enc", OLD.M_PatientNIK_enc + ), + IFNULL(NEW.M_PatientLastUpdatedUserID, 0) + ); +END// +DELIMITER ; + +-- ============================================================ +-- m_patientaddress_ai: AFTER INSERT m_patientaddress +-- ============================================================ +DELIMITER // +CREATE DEFINER=`root`@`localhost` TRIGGER `m_patientaddress_ai` +AFTER INSERT ON `m_patientaddress` +FOR EACH ROW +BEGIN + DECLARE XM_PatientNameEnc TEXT; + SELECT M_PatientName_enc INTO XM_PatientNameEnc + FROM m_patient + WHERE M_PatientID = NEW.M_PatientAddressM_PatientID + AND M_PatientIsActive = 'Y' LIMIT 1; + + INSERT INTO one_lab_log.log_patient ( + Log_PatientM_PatientID, + Log_PatientDate, + Log_PatientCode, + Log_PatientJsonAfter, + Log_PatientUserID + ) + VALUES( + NEW.M_PatientAddressM_PatientID, + NOW(), + 'PATIENT.ADDR_ADD', + JSON_OBJECT( + "M_PatientAddressID", NEW.M_PatientAddressID, + "M_PatientAddressM_PatientID", NEW.M_PatientAddressM_PatientID, + "M_PatientName_enc", XM_PatientNameEnc, + "M_PatientAddressNote", NEW.M_PatientAddressNote, + "M_PatientAddressRegionalCd", NEW.M_PatientAddressRegionalCd, + "M_PatientAddressLocation", NEW.M_PatientAddressLocation, + "M_PatientAddressM_KelurahanID", NEW.M_PatientAddressM_KelurahanID, + "M_PatientAddressOldCityID", NEW.M_PatientAddressOldCityID, + "M_PatientAddressPostCodeID", NEW.M_PatientAddressPostCodeID, + "M_PatientAddressCity", NEW.M_PatientAddressCity, + "M_PatientAddressRT", NEW.M_PatientAddressRT, + "M_PatientAddressRW", NEW.M_PatientAddressRW, + "M_PatientAddressVillage", NEW.M_PatientAddressVillage, + "M_PatientAddressDistrict", NEW.M_PatientAddressDistrict, + "M_PatientAddressState", NEW.M_PatientAddressState, + "M_PatientAddressCountry", NEW.M_PatientAddressCountry, + "M_PatientAddressCreated", NEW.M_PatientAddressCreated, + "M_PatientAddressLastUpdated", NEW.M_PatientAddressLastUpdated, + "M_PatientAddressIsActive", NEW.M_PatientAddressIsActive, + "M_PatientAddressLat", NEW.M_PatientAddressLat, + "M_PatientAddressLng", NEW.M_PatientAddressLng, + "M_PatientAddressCreatedUserID", NEW.M_PatientAddressCreatedUserID, + "M_PatientAddressUserID", NEW.M_PatientAddressUserID, + "M_PatientAddressDescription_enc", NEW.M_PatientAddressDescription_enc, + "M_PatientAddressEmail_enc", NEW.M_PatientAddressEmail_enc, + "M_PatientAddressPhone_enc", NEW.M_PatientAddressPhone_enc + ), + NEW.M_PatientAddressCreatedUserID + ); +END// +DELIMITER ; + +-- ============================================================ +-- m_patientaddress_bu: BEFORE UPDATE m_patientaddress +-- ============================================================ +DELIMITER // +CREATE DEFINER=`root`@`localhost` TRIGGER `m_patientaddress_bu` +BEFORE UPDATE ON `m_patientaddress` +FOR EACH ROW +BEGIN + DECLARE KODE VARCHAR(50); + DECLARE XM_PatientNameEnc TEXT; + + SELECT M_PatientName_enc INTO XM_PatientNameEnc + FROM m_patient + WHERE M_PatientID = NEW.M_PatientAddressM_PatientID + AND M_PatientIsActive = 'Y' LIMIT 1; + + SET KODE = 'PATIENT.ADDR_EDT'; + IF OLD.M_PatientAddressIsActive = 'Y' AND NEW.M_PatientAddressIsActive = 'N' THEN + SET KODE = 'PATIENT.ADDR_DELETE'; + END IF; + + INSERT INTO one_lab_log.log_patient ( + Log_PatientM_PatientID, + Log_PatientDate, + Log_PatientCode, + Log_PatientJsonBefore, + Log_PatientJsonAfter, + Log_PatientUserID + ) + VALUES( + NEW.M_PatientAddressM_PatientID, + NOW(), + KODE, + JSON_OBJECT( + "M_PatientAddressID", OLD.M_PatientAddressID, + "M_PatientAddressM_PatientID", OLD.M_PatientAddressM_PatientID, + "M_PatientName_enc", XM_PatientNameEnc, + "M_PatientAddressNote", OLD.M_PatientAddressNote, + "M_PatientAddressRegionalCd", OLD.M_PatientAddressRegionalCd, + "M_PatientAddressLocation", OLD.M_PatientAddressLocation, + "M_PatientAddressM_KelurahanID", OLD.M_PatientAddressM_KelurahanID, + "M_PatientAddressOldCityID", OLD.M_PatientAddressOldCityID, + "M_PatientAddressPostCodeID", OLD.M_PatientAddressPostCodeID, + "M_PatientAddressCity", OLD.M_PatientAddressCity, + "M_PatientAddressRT", OLD.M_PatientAddressRT, + "M_PatientAddressRW", OLD.M_PatientAddressRW, + "M_PatientAddressVillage", OLD.M_PatientAddressVillage, + "M_PatientAddressDistrict", OLD.M_PatientAddressDistrict, + "M_PatientAddressState", OLD.M_PatientAddressState, + "M_PatientAddressCountry", OLD.M_PatientAddressCountry, + "M_PatientAddressCreated", OLD.M_PatientAddressCreated, + "M_PatientAddressLastUpdated", OLD.M_PatientAddressLastUpdated, + "M_PatientAddressIsActive", OLD.M_PatientAddressIsActive, + "M_PatientAddressLat", OLD.M_PatientAddressLat, + "M_PatientAddressLng", OLD.M_PatientAddressLng, + "M_PatientAddressCreatedUserID", OLD.M_PatientAddressCreatedUserID, + "M_PatientAddressLastUpdatedUserID",OLD.M_PatientAddressLastUpdatedUserID, + "M_PatientAddressUserID", OLD.M_PatientAddressUserID, + "M_PatientAddressDescription_enc", OLD.M_PatientAddressDescription_enc, + "M_PatientAddressEmail_enc", OLD.M_PatientAddressEmail_enc, + "M_PatientAddressPhone_enc", OLD.M_PatientAddressPhone_enc + ), + JSON_OBJECT( + "M_PatientAddressID", NEW.M_PatientAddressID, + "M_PatientAddressM_PatientID", NEW.M_PatientAddressM_PatientID, + "M_PatientName_enc", XM_PatientNameEnc, + "M_PatientAddressNote", NEW.M_PatientAddressNote, + "M_PatientAddressRegionalCd", NEW.M_PatientAddressRegionalCd, + "M_PatientAddressLocation", NEW.M_PatientAddressLocation, + "M_PatientAddressM_KelurahanID", NEW.M_PatientAddressM_KelurahanID, + "M_PatientAddressOldCityID", NEW.M_PatientAddressOldCityID, + "M_PatientAddressPostCodeID", NEW.M_PatientAddressPostCodeID, + "M_PatientAddressCity", NEW.M_PatientAddressCity, + "M_PatientAddressRT", NEW.M_PatientAddressRT, + "M_PatientAddressRW", NEW.M_PatientAddressRW, + "M_PatientAddressVillage", NEW.M_PatientAddressVillage, + "M_PatientAddressDistrict", NEW.M_PatientAddressDistrict, + "M_PatientAddressState", NEW.M_PatientAddressState, + "M_PatientAddressCountry", NEW.M_PatientAddressCountry, + "M_PatientAddressCreated", NEW.M_PatientAddressCreated, + "M_PatientAddressLastUpdated", NEW.M_PatientAddressLastUpdated, + "M_PatientAddressIsActive", NEW.M_PatientAddressIsActive, + "M_PatientAddressLat", NEW.M_PatientAddressLat, + "M_PatientAddressLng", NEW.M_PatientAddressLng, + "M_PatientAddressCreatedUserID", NEW.M_PatientAddressCreatedUserID, + "M_PatientAddressLastUpdatedUserID",NEW.M_PatientAddressLastUpdatedUserID, + "M_PatientAddressUserID", NEW.M_PatientAddressUserID, + "M_PatientAddressDescription_enc", NEW.M_PatientAddressDescription_enc, + "M_PatientAddressEmail_enc", NEW.M_PatientAddressEmail_enc, + "M_PatientAddressPhone_enc", NEW.M_PatientAddressPhone_enc + ), + NEW.M_PatientAddressLastUpdatedUserID + ); +END// +DELIMITER ;